AZ-104 Implement and Manage Storage • Complete Question Bank
Complete AZ-104 Implement and Manage Storage question bank — all 0 questions with answers and detailed explanations.
Drag a concept onto its matching description — or click a concept then click the description.
Best for data accessed frequently and kept immediately available.
Best for infrequently accessed data that still remains online.
Stores data offline and requires rehydration before it can be read.
Moves archived data back to an online tier so it can be accessed again.
Helps prevent modification or deletion for a retention period.
Container properties: Container name: auditlogs Immutable storage: enabled Immutability policy mode: Unlocked Retention period: 30 days Allow protected append writes: Yes Compliance note: the retention period has been tested and approved, and the organization wants the setting to be fixed so it cannot be shortened later.
Azure portal role assignments for storage account appdata01: - John Doe: Contributor at storage account scope - Data access test from portal: You do not have permissions to list containers. - Requirement: John must read and download blobs from container invoices and nothing else.
Blob properties: Name: monthly-finance.csv Access tier: Archive Archive status: none Last modified: 2026-04-10 Application log: 12:05 UTC - Job started 12:06 UTC - Download failed: Blob is currently archived and must be rehydrated before it can be read. Business requirement: analysts must open the file in Excel tomorrow morning.
Drag a concept onto its matching description — or click a concept then click the description.
Provides full access to the storage account and should be protected carefully.
Grants time-limited access to specific resources and permissions.
Authorizes users or applications through Microsoft Entra ID at a chosen scope.
Allows anonymous read access when enabled for the container.
Lets an Azure-hosted app authenticate without storing credentials or secrets.
Topology notes: - Eight branch offices each run Windows Server 2022 with a local SMB share. - Each branch must keep accessing the same files if the WAN link is down for several hours. - Head office wants a single Azure file share to act as the central copy. - Frequently used files should remain cached on the branch servers.
Storage account: prodarchive01 Kind: StorageV2 Current redundancy: GRS Primary region: East US 2 Secondary region: Central US Requirement notes: - The application must remain available if one availability zone in East US 2 fails. - If the primary region becomes unavailable, analysts must still be able to read from the secondary copy without waiting for a manual failover. - The workload reads blobs directly during recovery.
Drag a concept onto its matching description — or click a concept then click the description.
Stores three copies of data within one Azure datacenter.
Stores copies across multiple availability zones in one region.
Replicates data to a secondary region, but the secondary copy is not readable.
Replicates data to a secondary region and allows read access to that secondary copy.
Combines zone redundancy in the primary region with geo-replication to a secondary region.
Combines zone redundancy and geo-replication, with readable access to the secondary region.
Requirement summary: - Azure VMs in AppSubnet must access StorageAccount1 - Only AppSubnet should be allowed - The storage account should remain reachable through its public endpoint - No private IP is required
Drag a concept onto its matching description — or click a concept then click the description.
Storage firewall with a virtual network rule and service endpoint
Private endpoint with private DNS zone
Trusted Microsoft services exception
Storage firewall IP network rule
Drag a concept onto its matching description — or click a concept then click the description.
ZRS
LRS
RA-GRS
RA-GZRS
Drag a concept onto its matching description — or click a concept then click the description.
Transition to Cool
Transition to Archive
Rehydrate from Archive
Delete blob
Drag a concept onto its matching description — or click a concept then click the description.
Hot
Cool
Archive
Rehydrate from Archive
Drag a concept onto its matching description — or click a concept then click the description.
Azure File Sync
SMB with AD DS-based identity authentication
NFS 4.1 share
SAS token
Storage account network settings: Public network access: Enabled from selected virtual networks Firewall status: No virtual network rules configured AppSubnet settings: Service endpoint for Microsoft.Storage: Not enabled Private endpoint: Not configured Requirement: Restrict access to AppSubnet only, without changing DNS.
Drag a concept onto its matching description — or click a concept then click the description.
User delegation SAS
Service SAS
Account SAS
Storage account key
Drag a concept onto its matching description — or click a concept then click the description.
Enable a managed identity on the VM and assign a data-plane RBAC role
User delegation SAS
Storage account key
Azure RBAC data role assignment
Drag a concept onto its matching description — or click a concept then click the description.
General-purpose v2
FileStorage
BlockBlobStorage
BlobStorage
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag steps to the numbered slots on the right, or tap a step then tap a slot.